Industry experts are urging Canadian businesses to reevaluate their cybersecurity vulnerabilities following a significant cyberattack that forced numerous automotive dealerships across North America to abandon their digital systems and revert to pen and paper.
CDK Global, an American company providing software to manage sales and services for car dealerships, experienced back-to-back cyberattacks last week. As a precaution, the company shut down its services, leaving thousands of dealerships scrambling for workarounds. The company referred to the incident as a "ransom event" but did not disclose whether any ransom was paid to regain control of their systems. The restoration of services was expected to take several days.
Tim Reuss, CEO of the Canadian Automotive Dealers Association, emphasized the unprecedented scale of the disruption. “The system basically records any and all transactions at the dealership,” he told CTV News. “The sale of a vehicle, trade-in, a service appointment, part sale, a quote. We have never seen anything at this scale before in our industry.”
JP Kovac, dealer principal at Gyro Mazda and Gyro Hyundai in Toronto, described the challenges his dealerships faced, having to record every transaction and booking by hand. "Just have patience with the people on the frontline," Kovac said. “They are doing the best they can in a really challenging time.”
Steve Chipman, CEO of Birchwood Automotive Group in Manitoba, noted that 16 of his dealerships were impacted. While the situation was frustrating and slowed operations, Chipman expressed hope that this event would ultimately strengthen his business and underscored the importance of maintaining robust cybersecurity measures. “Everybody grumbles, ‘Why do I have to have such a long password, why is it going to take so much time,’” Chipman remarked. “It's proof again that there are very sophisticated criminals out there holding people for ransom.”
The rise in cyberattacks targeting corporations, hospitals, and municipalities in recent years is alarming. Criminals often aim to steal data and hold it for ransom, creating significant operational disruptions and financial losses. Cybersecurity expert Ritesh Kotak stressed that cybersecurity is not a one-time investment but a continual process. “Cybersecurity is not a check-box exercise,” Kotak said. “These threats are constantly evolving, and that's why it's important for organizations to really think through where to invest to continually stay up to date.”
Kotak also highlighted the importance of having robust business continuity plans in place. “Do you have the right business continuity processes in place, and how quickly can you get back up and running?” he asked. “Otherwise, the consequences are you are going to be completely shut down and not able to do anything.”
CDK Global, according to its website, serves over “15,000 retail locations” and offers a “three-tiered cybersecurity strategy to prevent, protect, and respond to cyberattacks.” This incident serves as a stark reminder of the critical need for comprehensive cybersecurity strategies across all sectors.
In this evolving landscape of cyber threats, businesses must adopt proactive and multi-layered security measures. This is where Directpath Global Technologies (DGT) can be a valuable partner. As a leading Managed Security Service Provider (MSSP), DGT offers a suite of advanced cybersecurity solutions, including Mobile Threat Defense (MTD), Extended Detection and Response (XDR), Vulnerability Assessment and Penetration Testing (VAPT), and System Organization Controls Type 2 (SOC2) compliance.
Additionally, DGT’s advanced Artificial Intelligence Division leverages cutting-edge technologies to tailor services that enhance cybersecurity and optimize various aspects of organizational operations. By partnering with DGT, businesses can strengthen their defenses against emerging cyber threats and ensure business continuity in the face of potential disruptions.
As cyber threats continue to evolve, it is crucial for organizations to stay vigilant, invest in robust cybersecurity measures, and prepare for the unexpected. The CDK Global incident serves as a powerful reminder that proactive cybersecurity planning and strategic investments are essential for protecting operations and maintaining business resilience in an increasingly digital world. Source: CTV News
Comments